Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software

January 19, 2024 at 08:51AM
Pirated macOS applications from Chinese websites harbor a backdoor allowing attackers remote control over infected machines. The malware, hosted on “macyy[.]cn,” uses a dropper to fetch backdoor and downloader components, which enable persistence and facilitate additional payloads. This echoes previous incidents involving the ZuRu malware, possibly indicating a successor.

Stealthy New macOS Backdoor Hides on Chinese Websites

January 18, 2024 at 10:51AM
Researchers from Jamf Threat Labs discovered a sneaky macOS backdoor hidden in trojanized apps on Chinese websites. The malware, “.fseventsd,” can compromise victims’ machines. It evades detection by imitating legitimate processes and uses a malicious library. The campaign highlights the risk from pirated apps and the increasing macOS targeting. Protection …

Apple ‘Lockdown Mode’ Bypass Subverts Key iPhone Security Feature

December 5, 2023 at 05:51PM
Researchers at Jamf Threat Labs found ways to bypass Apple’s Lockdown Mode, which aims to prevent cyberattacks. Although the mode reduces vulnerabilities by limiting certain features and functions, the researchers could mimic Lockdown Mode’s signals, misleading users while allowing malware operations. This highlights an industry-wide security oversight on maintaining device …

Warning for iPhone Users: Experts Warn of Sneaky Fake Lockdown Mode Attack

December 5, 2023 at 10:07AM
Malicious actors can deceive users into believing their iPhone is in Lockdown Mode when it’s not, allowing covert attacks. Jamf Threat Labs exposed a method where a compromised device can appear secure, yet malware persists and functions despite the security feature. Apple’s iOS 17 improvements may mitigate such issues. Takeaways …